We live in an increasingly impatient society, our every whim catered for by technology. There’s a lot to be said for it… and against it. A big bone of contention right now is contactless payments.
This might be using a card — just press your debit or credit card against a scanner and it’ll pay for your transaction — or using your smartphones’ digital wallets, including Apple Pay. You don’t have to enter your PIN. But aren’t those four-digit numbers designed to keep your cash secure? It’s no wonder many distrust the new methods.
In the U.K. alone, contactless payment fraud has risen by nearly 150 percent in just a year, from £2.8 million ($3.6 million) in 2015 to almost £7 million ($9 million) last year.
Contactless payment scams are spreading across the world. What can you do to avoid becoming a victim?
1. Be Careful Where You Keep Your Cards
This is especially important when using public transport, notably the underground subway.
Some scammers carry around card readers, which are easy enough to get hold of. All they’d need to do is type in a value of less than the typical limits (generally between $25 and $50, depending on the provider), and hold the device to people’s wallets or pockets. Thieves might as well set it to the lowest limit so no complications arise. After all, the limit applies to individual cards, and a fraudster can hit loads of people each day.
Public transport is ideal as we’re all used to being pushed close to complete strangers. As many keep their wallets in back pockets, it’s a very simple way for criminals to get huge amounts of money.
This practice became widely known after a Facebook post from Paul Jarvis in 2016 went viral: this now-deleted photo showed a scammer with a card reader nestled in his hand while on the subway.
But you don’t even need a specialized device. You can download card-reading apps very easily, especially if a phone is jailbroken.
2. Invest in a RFID-Blocking Wallet
Of course, you always need to be aware of where your wallet is, but few of us are proactive enough to realize when someone skims too close and could be maliciously scanning your cards. Fortunately, you can buy special wallets that will protect your cards.
Contactless card payments are my biggest downfall
— Brodie vincent (@brodievincent) June 2, 2017
Some people advise wrapping your cards in tin foil, and while this can work, it’s better merely as a short-term method of protection. Can you name the last time you saw someone ready to pay, with foil in their wallets?
Instead, your best bet is an RFID-blocking wallet, which typically looks like a metal case with variated folders inside. These block the radio waves between a card reader and the RFID chip in your card.
A decent one will set you back $20 or more, but if that’s the price for protection, it’s difficult to argue with. Otherwise, you could always try a sleeve that does the same thing, but handily slips into your normal wallet.
3. Create a Strong PIN
This isn’t the case for all digital wallets (e.g. Apple Pay verifies payments using your fingerprint), but if your smartphone authenticates details using a pattern or PIN, you need to make sure you’ve picked a very secure combination.
Out of those two options, a PIN is more secure so stick with that.
However tempting it might be, don’t use the same PIN to unlock your smartphone as the one which verifies contactless payments. We’ve all been advised not to use the same password on numerous sites; the same goes for your phone. After all, a second layer of security on your digital wallet means nothing if someone has got past the first and they’re identical anyway!
Otherwise, fingerprint ID to unlock your smartphone is definitely a good idea.
When choosing your PIN, don’t go for the Personally Identifiable Information (PII) of yourself or a family member. In the event of your details being hacked from another service and leaked onto the Dark Web, you risk payment information too.
4. Don’t Let Your Card Out of Sight
In restaurants, you simply trust your waiter or waitress. You trust them with your food and drink. You trust them with tips. And so you also trust them with payment of your bill. That’s fair enough — but there’s a worrying practice where diners allow those serving them to pay for a meal using their contactless card.
Don’t hand your card over. Even if the card reader is the other side of the restaurant. Do it yourself.
It’s very unlikely they’re not trustworthy, but is it worth the risk? Andrew Goodwill, founder of the Card Not Present fraud prevention organization Goodwill Group, warns:
“If the card reader is not brought to you for the transaction to take place then you should challenge why not and refuse to let the card out of your sight. The waiter or waitress may be all smiles and maybe served you very well, but do they have a card reader behind the counter? You just don’t know.”
5. Regularly Check Your Transactions
Thoroughly checking your monthly bank statements will not only mean you spot contactless payment scams, but also credit card fraud as a whole. It’s just good practice.
If there’s something you don’t recognize, raise the issue with your bank or credit card provider. Correlate with online purchases too. In most cases, you’ll be refunded any amount lost to scammers. Then naturally, you’ll need to cancel the card and request a new one.
We talk about ApplePay and AndroidPay all the time but contactless cards in the UK are way ahead of anything else! So easy to use!
— Mohit Kansal (@kansalmo) May 23, 2017
There is, however, still a security flaw that affects canceled cards. It involves offline payments: most retailers use online systems so credentials are checked as payments go through. Others, though, use offline processes. This means the card reader keeps a list of payments to be processed at a later time.
Online payments immediately verify that the card is authorized. Offline ones take time to check whether it’s been canceled, so fraudsters can get away with their items using stolen cards that should have already been destroyed.
This just reinforces the importance of checking your statements.
The Ultimate Measure
Of course, the thing that you could do that almost guarantees you don’t get scammed in this way is: don’t get a contactless card. When your card is nearly expired, request your bank send you a replacement without that extra feature. Or if you’ve already got one, ask them if they can issue another without a contactless chip, then destroy the old one.
If you don’t do a good enough job destroying it, you might as well not have got a replacement at all!
Vigilance and safety will mean that card payments in store are going to take slightly longer, but surely it’s worth using a PIN instead, for peace of mind? After all, we’d got used to it before we were introduced to contactless.
Do you use contactless? Do the benefits outweigh the risks? Or don’t you trust the system?
Image Credit: Africa Studio via Shutterstock.com